This is the built-in help made by Microsoft for the command 'Show-ADAuthenticationPolicyExpression', in PowerShell version 5 - as retrieved from
Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.
For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.
Displays the Edit Access Control Conditions window update or create security descriptor definition language (SDDL) security descriptors.
Show-ADAuthenticationPolicyExpression [[-SDDL] <String>] [[-Title] <String>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Server <String>]
-AllowedToAuthenticateFrom [-Confirm] [-WhatIf] [<CommonParameters>]
Show-ADAuthenticationPolicyExpression [[-SDDL] <String>] [[-Title] <String>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Server <String>]
-AllowedToAuthenticateTo [-Confirm] [-WhatIf] [<CommonParameters>]
The Show-ADAuthenticationPolicyExpression cmdlet creates or modifies an SDDL security descriptor using the Edit Access Control Conditions window.
<
Online Version: http://go.microsoft.com/fwlink/p/?linkid=298321
<
Example 1: Retrieve the AllowedToAuthenticateFrom settings and store in a file
PS C:\>Show-ADAuthenticationPolicyExpression -AllowedToAuthenticateFrom > someFile.txt
PS C:\> New-ADAuthenticationPolicy -Name "testAuthenticationPolicy" -UserAllowedToAuthenticateFrom (Get-Acl .\AuthSettings.txt).sddl
This command retrieves the AllowedToAuthenticateFrom access control list (ACL) by opening the Edit Access Control Conditions window and stores the ACL in a file named
AuthSettings.txt. The file is then used to apply a new authentication policy to the retrieved ACL.
Example 2: Set the UserAllowedToAuthenticateFrom property
PS C:\>New-ADAuthenticationPolicy -Name "testAuthenticationPolicy" -UserAllowedToAuthenticateFrom (Show-ADAuthenticationPolicyExpression -AllowedToAuthenticateFrom)
This example uses the New-ADAuthenticationPolicy cmdlet to create an authentication policy, and then sets the UserAllowedToAuthenticateFrom property by specifying the
Show-ADAuthenticationPolicyExpression cmdlet as the value for the parameter.